Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide, OL-16647-01
Chapter 32: VPN
The security appliance creates a virtual private network by creating a secure connection across a TCP/IP
network (such as the Internet) that users see as a private connection. It can create single-user-to-LAN
connections and LAN-to-LAN connections. The secure connection is called a tunnel, and the security
appliance uses tunneling protocols to negotiate security parameters, create and manage tunnels,
encapsulate packets, transmit or receive them through the tunnel, and unencapsulate them. The security
appliance functions as a bidirectional tunnel endpoint: it can receive plain packets, encapsulate them,
and send them to the other end of the tunnel, where they are unencapsulated and sent to their final
destination. It can also receive encapsulated packets, unencapsulate them, and send them to their final
destination.
The security appliance performs the following VPN functions:
- Establishes tunnels.
- Negotiates tunnel parameters.
- Enforces VPN policies.
- Authenticates users.
- Authorizes users for specific levels of use and access.
- Performs accounting functions.
- Assigns user addresses.
- Encrypts and decrypts data.
- Manages security keys.
- Manages data transfer across the tunnel.
- Manages data transfer inbound and outbound as a tunnel endpoint or router.
The security appliance invokes various standard protocols to accomplish these functions.
VPN Wizard
The VPN wizard lets you configure basic LAN-to-LAN and remote access VPN connections. Use
ASDM to edit and configure advanced features.